CVE-2011-1028

CRITICAL

Smarty 3.0.0-3.0.6 - Remote Code Execution via $smarty.template Variable

Title source: llm
STIX 2.1

Description

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2011-1028
Mailing List, Third Party Advisory x_refsource_misc
https://seclists.org/oss-sec/2011/q1/313

Scores

CVSS v3 9.8
EPSS 0.0161
EPSS Percentile 73.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (5)
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
smarty/smarty 0 - 3.0.7Packagist
smarty/smarty 3.0.0 - 3.0.7
Published Nov 20, 2019
Tracked Since Feb 18, 2026